README.md

---
title: Attack Path Visualizer
emoji: 🗺️
colorFrom: red
colorTo: purple
sdk: gradio
sdk_version: 5.50.0
python_version: '3.10'
app_file: app.py
pinned: false
license: apache-2.0
tags:
- cybersecurity
- attack-path
- mitre-attack
- visualization
- threat-modeling
- red-team
- pentest
datasets:
- AYI-NEDJIMI/mitre-attack-fr
- AYI-NEDJIMI/mitre-attack-en
---

# 🗺️ Attack Path Visualizer

A comprehensive interactive visualization tool for cybersecurity attack chains and threat modeling. Perfect for security professionals, red teamers, and defensive teams.

## Features

- **10 Common Attack Scenarios** - Realistic attack chains covering major threat categories
- **MITRE ATT&CK Mapping** - All techniques mapped to official MITRE ATT&CK framework
- **Interactive Flowcharts** - Color-coded attack phases with clickable nodes
- **Bilingual Support** - English and French interfaces
- **Phase Breakdown Analysis** - Visual charts showing attack phase distribution
- **Detailed Stage Information** - Description and MITRE technique details for each step

## Attack Paths Included

1. **Classic AD Domain Compromise** - Phishing → Macro → Credential Dump → Lateral Movement → Domain Admin → Data Exfil
2. **Web App to Internal Network** - SQLi → Web Shell → Reverse Shell → Network Recon → Database Access → Exfil
3. **Cloud Account Takeover** - Credential Stuffing → MFA Bypass → API Token Theft → Privilege Escalation → Data Access
4. **Ransomware Kill Chain** - Phishing → Malware → C2 → Reconnaissance → Lateral Movement → Encryption
5. **Supply Chain Attack** - Compromised Dependency → Code Injection → Distribution → C2 → Persistence → Exfil
6. **Insider Threat - Data Theft** - Legitimate Access → Privilege Escalation → Data Discovery → Exfiltration → Cover Tracks
7. **NTLM Relay Attack** - LLMNR Poisoning → NTLM Capture → Relay → Shell Access → Persistence
8. **Kerberos Attack Chain** - SPN Enumeration → Kerberoasting → Pass-the-Hash → DCSync → Hash Extraction
9. **Web API Exploitation** - API Enumeration → Auth Bypass → IDOR → Parameter Tampering → Bulk Export
10. **Zero-Day Exploitation** - Reconnaissance → Zero-Day Discovery → Exploit → C2 → Rootkit → Long-term Theft

## Color Legend

- 🔴 **Red** - Initial Access
- 🟠 **Orange** - Execution
- 🟡 **Yellow** - Credential Access
- 🔵 **Blue** - Lateral Movement
- 🟣 **Purple** - Privilege Escalation
- 🔷 **Teal** - Persistence
- 🔴 **Pink** - Command & Control
- ⚫ **Black** - Exfiltration
- 🟥 **Dark Red** - Impact

## Use Cases

- **Threat Modeling** - Understand realistic attack chains for your environment
- **Red Team Training** - Train defensive teams on threat scenarios
- **Incident Response** - Map detected activities to known attack patterns
- **Security Awareness** - Educate employees on attack progression
- **Compliance Documentation** - Demonstrate threat understanding for audits
- **LinkedIn Sharing** - Create awareness-raising content about cybersecurity

## Technology

- **Gradio** - Web interface framework
- **Plotly** - Interactive visualization and charts
- **Python** - Backend logic

## Installation

```bash
pip install -r requirements.txt
python app.py
```

## How to Use

1. Select an attack path from the dropdown menu
2. Choose your language (English or Français)
3. View the interactive attack flowchart
4. Read the attack description and statistics
5. Review the phase breakdown analysis
6. Examine detailed information for each attack stage

## MITRE ATT&CK Integration

All attack paths are mapped to official MITRE ATT&CK techniques. Hover over nodes to see:
- Technique name
- MITRE technique ID (e.g., T1566)
- Attack phase classification

Learn more: https://attack.mitre.org/

## Educational Purpose

This tool is designed for:
- ✅ Authorized security testing
- ✅ Defensive team training
- ✅ Threat modeling and risk assessment
- ✅ Security awareness and education
- ✅ Incident response planning

This tool should only be used in authorized environments.

## Security Notes

- Educational tool for authorized security professionals
- Based on publicly known attack techniques
- Use to improve defensive posture
- Share knowledge responsibly within your organization

## Resources

- [MITRE ATT&CK Framework](https://attack.mitre.org/)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [OWASP Security Top 10](https://owasp.org/www-project-top-ten/)
- [CIS Critical Security Controls](https://www.cisecurity.org/controls/)

## Contributing

Suggestions for additional attack paths or improvements are welcome!

## License

Apache License 2.0

---

**Made with ❤️ for the cybersecurity community**

Perfect for sharing on LinkedIn to raise awareness about cybersecurity threats and defense strategies.

---

**Powered by [AYI-NEDJIMI Consultants](https://ayinedjimi-consultants.fr)** - AI & Cybersecurity Consulting

- [All Datasets](https://huggingface.co/AYI-NEDJIMI)
- [AI & Cyberdefense Whitepaper](https://ayinedjimi-consultants.fr/livre-blanc-ia-cyberdefense.html)